Back to search
CVE-2009-1191
Published: Apr 23, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
34663
vdb-entry
x_refsource_BID
http://www.apache.org/dist/httpd/patches/apply_to_2.2.11/PR46949.diff
x_refsource_CONFIRM
35395
third-party-advisory
x_refsource_SECUNIA
apache-modproxyajp-information-disclosure(50059)
vdb-entry
x_refsource_XF
MDVSA-2009:102
vendor-advisory
x_refsource_MANDRIVA
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
x_refsource_CONFIRM
ADV-2009-1147
vdb-entry
x_refsource_VUPEN
GLSA-200907-04
vendor-advisory
x_refsource_GENTOO
oval:org.mitre.oval:def:8261
vdb-entry
signature
x_refsource_OVAL
ADV-2009-3184
vdb-entry
x_refsource_VUPEN
53921
vdb-entry
x_refsource_OSVDB
1022264
vdb-entry
x_refsource_SECTRACK
https://issues.apache.org/bugzilla/show_bug.cgi?id=46949
x_refsource_CONFIRM
34827
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2009-11-09-1
vendor-advisory
x_refsource_APPLE
MDVSA-2013:150
vendor-advisory
x_refsource_MANDRIVA
http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?r1=766938&r2=767089
x_refsource_CONFIRM
35721
third-party-advisory
x_refsource_SECUNIA
http://support.apple.com/kb/HT3937
x_refsource_CONFIRM
USN-787-1
vendor-advisory
x_refsource_UBUNTU
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1888194 [5/13] - /httpd/site/trunk/content/security/json/
mailing-list
x_refsource_MLIST
[httpd-cvs] 20210330 svn commit: r1073139 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now